step 1) 下载ActiveMQ并解压移到 /usr/local目录下
cd /opt wget http://mirrors.cnnic.cn/apache//activemq/5.14.2/apache-activemq-5.14.2-bin.tar.gz tar zxvf apache-activemq-5.14.2-bin.tar.gz mv apache-activemq-5.14.2 /usr/local/ ln -s /usr/local/apache-activemq-5.14.2 /usr/local/activemq
step 2) 创建activemq 用户并赋给目录权限
adduser activemq chown -R activemq:activemq /usr/local/activemq
step 3) 安装ActiveMQ
su activemq cd /usr/local/activemq bin/activemq setup ./conf
step 4) 配置成服务
vi /usr/local/activemq/bin/activemq在第二行加入如下:
# chkconfig: - 64 36在" EXEC_OPTION="下加入如下内容,配置activemq的启动用户
ACTIVEMQ_USER="activemq"配置服务与开机启动
ln -s /usr/local/activemq/bin/activemq /etc/init.d/activemq chkconfig activemq on
step 5)配成ActiveMQ的用户组与权限
vi /usr/local/activemq/conf/activemq.xml找到节点:beans>broker>plugins 加入如下内容
<!-- use JAAS to authenticate using the login.config file on the classpath to configure JAAS --> <jaasAuthenticationPlugin configuration="activemq" /> <authorizationPlugin> <map> <authorizationMap> <authorizationEntries> <authorizationEntry topic="ActiveMQ.Advisory.>" write="all" read="all" admin="all" /> <authorizationEntry queue=">" write="producers" read="consumers" admin="admins,consumers" /> </authorizationEntries> <tempDestinationAuthorizationEntry> <tempDestinationAuthorizationEntry write="admin" read="admin" admin="admin" /> </tempDestinationAuthorizationEntry> </authorizationMap> </map> </authorizationPlugin>
剩下的就是管理ActiveMQ用户( users.properties)与组 ( groups.properties)了,这里略过,
有个巨坑,注意:如果开启了web控制台与需要使用REST API,那 conf/jetty-realm.properties 里的账户密码需要与users.properties的密码完全一致(还未找到其它解决方案),不然调用Rest API的权限会有问题。
step 6)启动ActiveMQ服务
service activemq start
参考: http://activemq.apache.org/security.html